How to trace a (mobile) phone?

What are the technical aspects to tracing a phone call; is it more difficult for a mobile phone?

In the old days, signaling was inline, hence the 2600 Hz hack. Calls were set up as one switch talked to another, then another, and so on until a circuit was established end-to-end. In the modern age, everything is out-of-band over SS7 and every switch is lined up at the same time. The calling station is identified at the start and no tracing is really necessary.

Mobile phones do take more effort because a mobile number isn't attached to a given switch. Thus, while the far end knows what the number is, where it is involves extra technology. The cellular phone company can identify what towers the phone is associated with and thus instantly know the region it is in. Further narrowing can be done based on signal strength comparisons, which of the tower's directional antennas are holding the signal, and GPS chips in phones.

Is it more difficult if the phone is on, but not actively being used to call?

Only a custom phone would act in a way where it didn't respond to the tower asking a question, so generally no.

Why are the tools necessary to trace phone calls not available to the general public? We have traceroute to find routing information for IPs -- why not phones? Is it a question of specialized equipment, access to telecom systems, etc. or more social?

Social legacy and equipment access. The Internet doesn't have a separate signaling band and is based on the idea of independent operators controlling where their traffic goes. The phone company is based on the legacy of one company running the show. Switch access in the phone world is internal only to the phone company or whoever they want to specifically include. The Internet, on the other hand, doesn't really have a way of considering nodes special since everything is in the same band.

How does one prevent a (mobile) phone from being traced?

Nothing will save you from being traced down to the tower you're using, but you can really screw around with the triangulation metrics by using a directional antenna and some weak false associations or intermediary transmission layer such as a radio that links you to your phone. In that case, finding your phone would leave the person chasing you still lacking a physical connection and having to trace something else. Done right, you can turn the default, "Within 100 feet," into, "Somewhere in this 20 square mile cone." That is a big time, knowledge, and equipment cost commitment, though.

You may also find some success in delaying tracing by using intermediate PBX systems to mask the actual caller. If you have dial-in access to a company's PBX, the trace will stop there and somebody will have to look at logs of associated calls into the system to try and correlate the responsible line. Nest a few of those and you may buy some time. You'll probably still eventually be traced no matter how short the call was, but it will no longer be instant.
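The log correlation mentioned above, seen from the investigator's side, as an added example that is not part of the original answer. The record layout, phone numbers, timestamps and the `teardown_slack` tolerance are constructed assumptions, not any PBX vendor's format.

```python
from datetime import datetime, timedelta

# Constructed PBX call-detail records; every number and timestamp is made up.
# "in" = a leg that dialed into the PBX, "out" = a leg the PBX placed onward.
CDRS = [
    ("in",  "+15550101", "2024-03-01T10:00:02", "2024-03-01T10:04:40"),
    ("in",  "+15550102", "2024-03-01T10:01:30", "2024-03-01T10:09:12"),
    ("out", "+15550199", "2024-03-01T10:00:21", "2024-03-01T10:04:39"),
    ("in",  "+15550103", "2024-03-01T10:03:50", "2024-03-01T10:04:41"),
    ("out", "+15550188", "2024-03-01T11:15:00", "2024-03-01T11:16:00"),
]

def parse(cdrs):
    """Turn raw tuples into dicts with real datetime objects."""
    return [
        {"dir": d, "number": n,
         "start": datetime.fromisoformat(s), "end": datetime.fromisoformat(e)}
        for d, n, s, e in cdrs
    ]

def correlate(cdrs, teardown_slack=timedelta(seconds=3)):
    """For each outbound leg, list inbound legs that could have carried it.

    A dial-through call needs the inbound leg to be up before the outbound
    leg starts, and both legs drop at nearly the same moment when either
    side hangs up. Candidates are ranked by how closely the hang-ups match.
    """
    legs = parse(cdrs)
    inbound = [leg for leg in legs if leg["dir"] == "in"]
    result = {}
    for out in (leg for leg in legs if leg["dir"] == "out"):
        candidates = []
        for leg in inbound:
            gap = abs(leg["end"] - out["end"])
            if leg["start"] <= out["start"] and gap <= teardown_slack:
                candidates.append((gap, leg["number"]))
        result[out["number"]] = [number for _, number in sorted(candidates)]
    return result

if __name__ == "__main__":
    for dest, callers in correlate(CDRS).items():
        print(dest, "<-", callers or "no inbound leg matches; check other trunks")
```

Matching on hang-up time alone would leave two candidates for the first outbound call; requiring the inbound leg to be up before the outbound leg starts narrows it to one.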


In addition to Jeff's and Rory's answers, there are some less conventional ways of tracking someone. Not by tracing his phone, but by analyzing his call behavior. I worked on a data-mining project where this was tested (it was based on MIT's Reality Mining). We would train the system with patterns gathered from statistics which you could get from a cellphone company (tower IDs, call durations, caller IDs, ...).

After that we ran test algorithms to see if we could, by just looking at the behavior, ID a person if he had changed his phone number. We had successes ranging from 85-97 percent with, I think, about a 92 percent average. It's not great, but with other info you could easily determine who that person actually is and track him further, even if he decides to change his phone number on a daily basis.


  1. For wired phones this is very straightforward - the service provider knows where the call is coming from. It only gets more challenging (like in films) when the connection goes through multiple exchanges (they may need to get the information from the exchange) and especially with exchanges in other countries.

    For mobile phones the issue is the same, but additional complexity comes from there being no wires, but instead a set of handover protocols between cells, providers etc. It can still be done, as the service providers need this information for billing purposes anyway, but it is more time-consuming.

    Mobile phones hand over when on, even if not currently in a call, so location information will be available.

    There are also certain tools which will allow some access to phones when they are off, but these seem to be in the realm of espionage.

  2. Why should these tools be available to the public? Certainly in the UK this should only be available on an as-needed basis to law enforcement or emergency services.

  3. The typical route used by criminals is actually to use throwaway phones and SIM cards, as it is challenging to try and hide location information, especially if a mobile phone's IMEI number is known, or CallerIQ is implemented by the provider.
